More and more documents are stored electronically. This often involves a digital time-stamping mechanism in order to bind the document or its content to a particular point in time. To minimize the risk that either the data or the time-stamp can be tampered with at a later date a cryptographic digital signature is used to protect both elements.
US Patent Application Publication US 2002/0120851 A1 refers to a device and method for data time-stamping. The device includes a trusted clock, a memory, a time-stamper and a digital signer. The device is adapted to store to the memory data that has been time-stamped by the time-stamper, with a time obtained from the trusted clock, and digitally signed with a digital signature by the digital signer.
However, at present the requirement that a user is legally liable for documents that he/she digitally signs and that the documents remain secure for a long period of time, for example at least 30 years, can not be fulfilled, because of the limited computational power of personal cryptographic tokens.
It should not be possible to create any signature without the users consent. This can be forced by an individual cryptographic hardware token which acts as a signing device (e.g. a smart card).
Current hardware tokens of this type are restricted in terms of computational power which means that digital signatures with very large key lengths cannot be computed within an acceptable time.
It is an object of the present invention to create and verify digital signatures that are secure for a very long time, taking into account future cryptographic developments which could render current cryptographic key-lengths insufficient.